Enterprise Environmental Factors in this context refer to "the attitudes toward risk and the risk tolerance of orgamizations and people involved in the project [...]" (comp. PMBOK3, p. 242).

• And the Organizational Process Assets in this context refer to the fact that "organizations may have predefined approaches to risk management such as risk categories, common definition of concepts [...]" or anything else( comp. PMBOK3, p. 242)

(8.1) Risk Management Planning

(8.1.1) Process Input

... generated by predecessor processes

... introduced by external units

  • Enterprise Environmental Factors
  • Organizational Process Assets

(8.1.2) Process Definition

Risk Management Planning is the process for "[...] deciding how to approach, plan, and execute the risk managment activities for a project"  (comp. PMBOK3, p. 237): The main task of planning the risk management is "[...] to ensure that the level, type, and visibility of risk management are commensurate with both the risk and the importance of the project to the organization [...]" (comp. PMBOK3, p. 242):

"Project Risk is an uncertain event or condition that, if it occurs, has a positive or a negative effect on at least one project objective [...] A risk may have one or more causes and, if it occurs, one or more impacts" (comp. PMBOK3, p. 238)

One has to distinguish between known unknowns and unknown unknowns: "Known risks are those that have been identfied and analyzed [...]" and which can be answered. But "unknown risks cannot be managed proactively [...]", the only possible answer is "[...] to allocate general contingency" (comp. PMBOK3, p. 240)

The subject Risk Management operates on the base of other risk concerning concepts

(8.1.3) Tools and Techniques

PMBOK Mentioned Methods

  • Planning meetings and analysis together are the techniques of risk management planning because risk management planning is namely generating a consens concerning the handling of risks

(comp. PMBOK3, p. 243).

Open Source Tools

  • myPmpsFactory offers an already completely elaborated but nevertheless still customizable risk management plan. This 'template' can be edited by Open Office 3 (Impress).

(8.1.4) Process Output

  • The Risk management plan "[...] descibes how risk management will be structured [...]" and is part of the broadened project management plan. It should contain rules for
    • the use of methodologies (Which methods shall be used?)
    • roles and repsonsibilities (Who will become part of the risk team and why?)
    • budgetings (How many money shall be spent on managing the risks?)
    • timings (How often shall the risk management processes be repeated?)
    • risk categories (How shall the risks be clustered, what's the Risk Breakdown Structure?)
    • definitions of risk probality and impact (How shall the probalitiy and the impact be clustered?)
    • probality and impact matrix (How shall the combination of probability and impact be clustered?
    • revised stakeholder tolerances (Which tolerances are really used and which can be accepted?)
    • reported formats (How shall the results be reported?)
    • tracking (How shall the results be documented?)

(comp. PMBOK3, pp. 243ff)

(8.1.5) Output Using Successor Processes

Successors using the initially generated output as own input(1):

  1. For details see FAQ::Q001:1